/*
 * This code is property of CoreObjects. Use, duplication and disclosure
 * in any form without permission of copyright holder is prohibited.
 *
 */
package com.nen.session;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Serves to PHP side for session validation and user information retrieval
 * 
 * @author amitm
 */
public class SessionServlet extends HttpServlet {

    @Override
    public void destroy() {
        super.destroy();
        System.out.println("Inside SessionServlet.destroy");
    }

    @Override
    public void init(ServletConfig config) throws ServletException {
        super.init(config);
        System.out.println("Inside SessionServlet.Init");
    }

    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        System.out.println("Inside SessionServlet.processRequest");
        if (!isRequestAllowed(request)) {
            System.err.println("Not allowed to access this service!");
            response.sendError(response.SC_FORBIDDEN);
        } else {
            response.setContentType("text/plain;charset=UTF-8");
            PrintWriter out = response.getWriter();
            try {
                ServiceRequest serviceRequest = constructServiceRequest(request);
                ServiceResponse serviceResponse = SessionRequestHandler.process(serviceRequest);
                out.write(serviceResponse.toString());
                System.out.println("Exiting SessionServlet.processRequest");
            } finally {
                out.close();
            }
        }
    }

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Provides services related to session";
    }// </editor-fold>

    private ServiceRequest constructServiceRequest(HttpServletRequest request) {
        return new ServiceRequest(request);
    }

    private boolean isRequestAllowed(HttpServletRequest request) {
        boolean allowed = false;
        String scheme = request.getScheme();
        String requestHost = request.getRemoteHost();
        System.out.println(">>>> Requesting host = " + requestHost);
        System.out.println(">>>> Requesting scheme = " + scheme);
        if (scheme.equalsIgnoreCase("https")) {
            allowed = true;
        }
        else {
            System.err.println("!!!! Access over "+scheme+" is not allowed!");
        }
        return allowed;
    }
}
